authentication

How secure is the “Password Protection” on your files and drives?

authentication, cybersecurity, Data Protection, Don't miss, Encryption, Expert analysis, Expert corner, hardware, Hot stuff, Kingston Digital, News, opinion, passwords /

How secure is the “Password Protection” on your files and drives? 2024-05-10 at 08:31 By Help Net Security People in certain professions, such as healthcare, law, and corporations, often rely on password protection when sending files via email, believing it provides adequate security against prying eyes. However, simple password protection on a PDF or Excel […]

React to this headline:

Loading spinner

How secure is the “Password Protection” on your files and drives? Read More »

Triangulation fraud: The costly scam hitting online retailers

Artificial Intelligence, attacks, authentication, biometrics, cybersecurity, Don't miss, Features, fraud, Hot stuff, News, online payment, opinion, remote access, scams, Visa /

Triangulation fraud: The costly scam hitting online retailers 2024-04-30 at 08:01 By Mirko Zorz In this Help Net Security interview, Mike Lemberger, Visa’s SVP, Chief Risk Officer, North America, discusses the severe financial losses resulting from triangulation fraud, estimating monthly losses to range from $660 million to $1 billion among merchants. He also highlights the

React to this headline:

Loading spinner

Triangulation fraud: The costly scam hitting online retailers Read More »

Most people still rely on memory or pen and paper for password management

authentication, Bitwarden, cybersecurity, Don't miss, News, passwords, report, survey /

Most people still rely on memory or pen and paper for password management 2024-04-26 at 08:02 By Help Net Security Bitwarden surveyed 2,400 individuals from the US, UK, Australia, France, Germany, and Japan to investigate current user password practices. The survey shows that 25% of respondents globally reuse passwords across 11-20+ accounts, and 36% admit

React to this headline:

Loading spinner

Most people still rely on memory or pen and paper for password management Read More »

What is multi-factor authentication (MFA), and why is it important?

access management, authentication, BARR Advisory, cybersecurity, Don't miss, Hot stuff, MFA, password manager, passwords, Privacy, tips, Video /

What is multi-factor authentication (MFA), and why is it important? 2024-04-23 at 06:31 By Help Net Security Setting up MFA can seem daunting for consumers just beginning to clean up their security postures. In this Help Net Security video, Larry Kinkaid, Manager, Cybersecurity Consulting at BARR Advisory, shares tips for consumers who need simple, accessible

React to this headline:

Loading spinner

What is multi-factor authentication (MFA), and why is it important? Read More »

Who owns customer identity?

access control, authentication, Compliance, cybersecurity, Descope, Don't miss, Expert analysis, Expert corner, Hot stuff, identity, identity management, MFA, News, opinion /

Who owns customer identity? 2024-04-18 at 07:31 By Help Net Security When I’m talking with prospective clients, I like to ask: which department owns customer identity? Everyone immediately looks towards a different team. While every team touches customer identity at some point, the teams that own it differ from organization to organization. From my experience,

React to this headline:

Loading spinner

Who owns customer identity? Read More »

EJBCA: Open-source public key infrastructure (PKI), certificate authority (CA)

authentication, certificate authority, Don't miss, GitHub, Hot stuff, News, open source, PKI, software /

EJBCA: Open-source public key infrastructure (PKI), certificate authority (CA) 2024-04-09 at 07:32 By Mirko Zorz EJBCA is open-source PKI and CA software. It can handle almost anything, and someone once called it the kitchen sink of PKI. With its extensive history as one of the longest-standing CA software projects, EJBCA offers proven robustness, reliability, and

React to this headline:

Loading spinner

EJBCA: Open-source public key infrastructure (PKI), certificate authority (CA) Read More »

Strategies for secure identity management in hybrid environments

access management, authentication, critical infrastructure, cyber hygiene, Don't miss, Features, Hot stuff, identity, identity management, News, Okta, password management, passwordless, strategy /

Strategies for secure identity management in hybrid environments 2024-04-09 at 07:02 By Mirko Zorz In this Help Net Security interview, Charlotte Wylie, SVP and Deputy CSO at Okta, discusses the challenges of managing user identities across hybrid IT environments. She emphasizes balancing and adopting comprehensive security controls, including cloud SSO and MFA technologies, to unify

React to this headline:

Loading spinner

Strategies for secure identity management in hybrid environments Read More »

How Google plans to make stolen session cookies worthless for attackers

authentication, Chrome, cookies, Don't miss, Hot stuff, Malware, MFA, News, Privacy, public-key cryptography /

How Google plans to make stolen session cookies worthless for attackers 2024-04-03 at 08:31 By Zeljka Zorz Google is working on a new security feature for Chrome called Device Bound Session Credentials (DBSC), meant to prevent attackers from using stolen session cookies to gain access user accounts. Session (i.e., authentication) cookies are stored by browsers

React to this headline:

Loading spinner

How Google plans to make stolen session cookies worthless for attackers Read More »

AI framework vulnerability is being used to compromise enterprise servers (CVE-2023-48022)

Anyscale, authentication, Bishop Fox, Don't miss, enterprise, Hot stuff, machine learning, News, Oligo Security, vulnerability /

AI framework vulnerability is being used to compromise enterprise servers (CVE-2023-48022) 2024-03-27 at 13:16 By Zeljka Zorz Attackers are leveraging a vulnerability (CVE-2023-48022) in Anyscale’s Ray AI software to compromise enterprise servers and saddle them with cryptominers and reverse shells. “To our knowledge, the attack started 7 months ago,” Avi Lumelsky, a researcher at Oligo

React to this headline:

Loading spinner

AI framework vulnerability is being used to compromise enterprise servers (CVE-2023-48022) Read More »

How security leaders can ease healthcare workers’ EHR-related burnout

access management, authentication, burnout, CISO, cybersecurity, Don't miss, Expert analysis, Expert corner, healthcare, Hot stuff, Hypori, News, opinion /

How security leaders can ease healthcare workers’ EHR-related burnout 2024-03-27 at 08:05 By Help Net Security Staff experiencing burnout in healthcare settings is not something that security leaders typically worry about – unless, maybe, it is the security team itself that is suffering from it. Healthcare CISOs and privacy officers worry more about the confidentiality

React to this headline:

Loading spinner

How security leaders can ease healthcare workers’ EHR-related burnout Read More »

What do Bitcoin’s all-time highs mean for crypto industry expectations in 2024?

Artificial Intelligence, authentication, blockchain, deep fake, elections, Fake News, Media, music nft, nft, podcasts, politics, Web3 /

What do Bitcoin’s all-time highs mean for crypto industry expectations in 2024? 2024-03-08 at 16:10 By Cointelegraph by Ray Salmond We’re in a bull market. Now what? Jonathan and Ray share their thoughts, ideas and expectations for the crypto market in 2024. This article is an excerpt from Cointelegraph.com News View Original Source React to

React to this headline:

Loading spinner

What do Bitcoin’s all-time highs mean for crypto industry expectations in 2024? Read More »

Leveraging AI and automation for enhanced cloud communication security

Artificial Intelligence, authentication, automation, Cloud, communication, Compliance, cybersecurity, Don't miss, Features, Hot stuff, machine learning, News, opinion, threat detection, Vonage /

Leveraging AI and automation for enhanced cloud communication security 2024-03-08 at 07:32 By Mirko Zorz In this Help Net Security interview, Sanjay Macwan, CIO and CISO at Vonage, addresses emerging threats to cloud communications and the role of AI and automation in cybersecurity. What emerging threats to cloud communications are you most concerned about, and

React to this headline:

Loading spinner

Leveraging AI and automation for enhanced cloud communication security Read More »

Hundreds of orgs targeted with emails aimed at stealing NTLM authentication hashes

authentication, Don't miss, Hot stuff, initial access broker, News, phishing, Proofpoint, Varonis, Windows /

Hundreds of orgs targeted with emails aimed at stealing NTLM authentication hashes 2024-03-05 at 12:47 By Zeljka Zorz A threat actor specializing in establishing initial access to target organizations’ computer systems and networks is using booby-trapped email attachments to steal employees’ NTLM hashes. Why are they after NTLM hashes? NT LAN Manager (NTLM) hashes contain

React to this headline:

Loading spinner

Hundreds of orgs targeted with emails aimed at stealing NTLM authentication hashes Read More »

How organizations can navigate identity security risks in 2024

access management, authentication, CISO, cloud security, cybersecurity, Don't miss, Features, Hot stuff, hybrid IT, identity management, News, opinion, SaaS, strategy, tips, Zilla Security /

How organizations can navigate identity security risks in 2024 2024-02-29 at 07:34 By Mirko Zorz Managing IAM challenges in hybrid IT environments requires a holistic approach, integrating solutions and automating processes to ensure effective access controls and operational efficiency. In this Help Net Security interview, Deepak Taneja, CEO of Zilla Security, discusses identity security risks

React to this headline:

Loading spinner

How organizations can navigate identity security risks in 2024 Read More »

Using AI to reduce false positives in secrets scanners

API security, Artificial Intelligence, authentication, credentials, cybersecurity, Don't miss, Expert analysis, Expert corner, Features, Hot stuff, Legit Security, News, opinion, SSH /

Using AI to reduce false positives in secrets scanners 2024-02-27 at 08:02 By Help Net Security As development environments grow more complex, applications increasingly communicate with many external services. When a software development project communicates with an external service, it utilizes a token or “secret” for authentication. These tokens are the glue that keeps any

React to this headline:

Loading spinner

Using AI to reduce false positives in secrets scanners Read More »

TruffleHog: Open-source solution for scanning secrets

authentication, cybersecurity, Don't miss, GitHub, Hot stuff, News, open source, scanning, software /

TruffleHog: Open-source solution for scanning secrets 2024-02-21 at 07:31 By Mirko Zorz TruffleHog is an open-source scanner that identifies and addresses exposed secrets throughout your entire technology stack. “TruffleHog was originally a research tool I independently authored in 2016. When I published it, no tools were scanning Git revision history for secrets. My hunch was

React to this headline:

Loading spinner

TruffleHog: Open-source solution for scanning secrets Read More »

How decentralized identity is shaping the future of data protection

authentication, cybersecurity, digital wallet, Don't miss, Features, Hot stuff, identity, identity management, News, opinion, Ping Identity, Privacy, standards /

How decentralized identity is shaping the future of data protection 2024-02-20 at 07:32 By Mirko Zorz In this Help Net Security interview, Patrick Harding, Chief Architect at Ping Identity, discusses the promises and implications of decentralized identity (DCI) in cybersecurity. By redistributing identity management responsibilities among issuers, holders, and verifiers, DCI empowers individuals to selectively

React to this headline:

Loading spinner

How decentralized identity is shaping the future of data protection Read More »

Why identity fraud costs organizations millions

authentication, cybersecurity, dark web, deepfakes, Don't miss, Hot stuff, HYPR, identity, social engineering, Video /

Why identity fraud costs organizations millions 2024-02-20 at 07:01 By Help Net Security 92% of respondents to a recent report shared that their organization had been a victim of identity fraud, costing an average of $4.3 million over the last 12 months. Even so, only 40% stated identity verification as a top identity challenge, noting

React to this headline:

Loading spinner

Why identity fraud costs organizations millions Read More »

Gmail & Yahoo DMARC rollout: When cyber compliance gives a competitive edge

authentication, Compliance, cybersecurity, Don't miss, EasyDMARC, Email, Expert analysis, Expert corner, Gmail, Hot stuff, News, opinion, standards, Yahoo /

Gmail & Yahoo DMARC rollout: When cyber compliance gives a competitive edge 2024-02-16 at 08:01 By Help Net Security The essence of cybersecurity is not just about defense but enabling business through trust and reliability. As Gmail and Yahoo take steps to enforce stricter email authentication, organizations that are proactive in their DMARC compliance will

React to this headline:

Loading spinner

Gmail & Yahoo DMARC rollout: When cyber compliance gives a competitive edge Read More »

Zero trust implementation: Plan, then execute, one step at a time

access management, authentication, Don't miss, Hot stuff, News, strategy, tips, zero trust /

Zero trust implementation: Plan, then execute, one step at a time 2024-02-01 at 08:02 By Helga Labus 82% of cybersecurity professionals have been working on implementing zero trust last year, and 16% should be on it by the end of this year. The challenges of zero trust implementation You’ve probably heard it before: zero trust

React to this headline:

Loading spinner

Zero trust implementation: Plan, then execute, one step at a time Read More »

Scroll to Top